# Base-image
FROM registry.suse.com/bci/python:3.6.15@sha256:624f439b811c275a5d7df752cee3dacd0e2d7784fba9e3b56cb238437955cfdb AS base

ARG GCC_VERSION=14
ARG GITHUB_RAW_URL=https://raw.githubusercontent.com
ARG GITHUB_URL=https://github.com
ARG JAVA_VERSION=21.0.8-tem
ARG MAVEN_3
ARG MAVEN_VERSION=${MAVEN_3}
ARG NODE_20
ARG NODE_VERSION=${NODE_20}
ARG NODEJS_DIST_URL
ARG NPM_REPO
ARG NVM
ARG NVM_VERSION=${NVM}
ARG PIP_CONFIG
ARG SDKMAN_URL=https://api.sdkman.io/2
ARG SUSE_REPO

ENV JAVA_HOME="/opt/java/${JAVA_VERSION}" \
    JAVA_VERSION=$JAVA_VERSION \
    LANG=en_US.UTF-8 \
    LANGUAGE=en_US.UTF-8 \
    LC_ALL=en_US.UTF-8 \
    MAVEN_HOME="/opt/maven/${MAVEN_VERSION}" \
    MAVEN_VERSION=$MAVEN_VERSION \
    NVM_DIR="/root/.nvm" \
    npm_config_python=/usr/bin/python3.6
ENV PATH=${PATH}:/usr/local/bin:${NVM_DIR}/versions/node/v${NODE_VERSION}/bin:${JAVA_HOME}/bin:${MAVEN_HOME}/bin

RUN set -e; \
    if [ -n "$NODEJS_DIST_URL" ]; then \
      export "NVM_NODEJS_ORG_MIRROR=$NODEJS_DIST_URL"; \
      printf "disturl=$NODEJS_DIST_URL\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$NPM_REPO" ]; then \
      export "COREPACK_NPM_REGISTRY=$NPM_REPO"; \
      printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$PIP_CONFIG" ]; then \
      mkdir $HOME/.pip/; \
      printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
    fi; \
    if [ -n "$SUSE_REPO" ]; then \
      sed -i "s|https://public-dl.suse.com|$SUSE_REPO|g" /etc/zypp/repos.d/*; \
      zypper --no-gpg-checks refresh; \
    fi; \
    ARCH_NAME="$(rpm --eval '%{_arch}')"; \
    case "${ARCH_NAME##*-}" in \
      'amd64' | 'x86_64') \
        GOBIN_VERSION='amd64'; \
        ;; \
      'aarch64' | 'arm64') \
        GOBIN_VERSION='arm64'; \
        ;; \
      *) \
        echo >&2 "error: unsupported architecture: '$ARCH_NAME'"; \
        exit 1 \
        ;; \
    esac \
 && zypper refresh \
 && zypper \
      --non-interactive \
        update \
 && zypper \
      --non-interactive \
        install \
        -l \
        --no-recommends \
          bzip2 \
          gawk \
          gcc${GCC_VERSION} \
          gcc${GCC_VERSION}-c++ \
          gcc${GCC_VERSION}-fortran \
          git-core \
          make \
          unzip \
          wget \
          zip \
 && update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-${GCC_VERSION} 10 \
 && update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_VERSION} 10 \
 && update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-${GCC_VERSION} 10 \
 && update-alternatives --install /usr/bin/gfortran gfortran /usr/bin/gfortran-${GCC_VERSION} 10 \
 && curl -L "https://get.sdkman.io" | bash \
 && SDKMAN_BROKER_API="$SDKMAN_URL/broker" \
 && SDKMAN_CANDIDATES_API="$SDKMAN_URL" \
 && printf "sdkman_auto_answer=true\nsdkman_selfupdate_feature=false\nsdkman_auto_env=true\nsdkman_curl_connect_timeout=20\nsdkman_curl_max_time=0" \
      >> $HOME/.sdkman/etc/config \
 && source "$HOME/.sdkman/bin/sdkman-init.sh" \
 && sdk install java $JAVA_VERSION \
 && sdk install maven $MAVEN_VERSION \
 && sdk offline enable \
 && mv /root/.sdkman/candidates/* /opt/ \
 && rm -rf /root/.sdkman \
 && python3 -m pip install \
      --no-cache-dir \
      --upgrade \
        pip \
        setuptools \
        virtualenv \
 && python3 -m pip install \
      --no-cache-dir \
      --upgrade \
      --user \
        pipenv \
        poetry \
 && curl -o- $GITHUB_RAW_URL/nvm-sh/nvm/$NVM_VERSION/install.sh | bash \
 && source ${NVM_DIR}/nvm.sh \
 && nvm install ${NODE_VERSION} \
 && node -v \
 && npm -v \
 && gcc --version \
 && curl -L --output /usr/bin/bazel \
      $GITHUB_URL/bazelbuild/bazelisk/releases/latest/download/bazelisk-linux-${GOBIN_VERSION} \
 && chmod +x /usr/bin/bazel \
 && BAZELISK_BASE_URL=$GITHUB_URL/bazelbuild/bazel/releases/download bazel --version \
 && npm install -g \
      corepack \
 && rm -rf $HOME/.npmrc $HOME/.pip \
 && zypper clean -a \
 && if [ -n "$SUSE_REPO" ]; then \
      sed -i "s|$SUSE_REPO|https://public-dl.suse.com|g" /etc/zypp/repos.d/*; \
    fi

CMD ["/bin/bash"]



# cdxgen-image
FROM base AS cdxgen

ENV CDXGEN_IN_CONTAINER=true \
    CRYPTOGRAPHY_DONT_BUILD_RUST=1 \
    LANG=en_US.UTF-8 \
    LANGUAGE=en_US.UTF-8 \
    LC_ALL=en_US.UTF-8 \
    NODE_COMPILE_CACHE="/opt/cdxgen-node-cache" \
    PATH=${PATH}:/opt/cdxgen/node_modules/.bin \
    PYTHON_CMD=python3 \
    PYTHONIOENCODING="utf-8" \
    PYTHONUNBUFFERED=1 \
    SAFE_PIP_INSTALL=true

COPY . /opt/cdxgen

RUN set -e; \
    if [ -n "$NODEJS_DIST_URL" ]; then \
      export "NVM_NODEJS_ORG_MIRROR=$NODEJS_DIST_URL"; \
      printf "disturl=$NODEJS_DIST_URL\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$NPM_REPO" ]; then \
      export "COREPACK_NPM_REGISTRY=$NPM_REPO"; \
      printf "registry=$NPM_REPO\n@jsr:registry=$NPM_REPO\n" >> $HOME/.npmrc; \
    fi; \
    if [ -n "$PIP_CONFIG" ]; then \
      mkdir $HOME/.pip/; \
      printf "$PIP_CONFIG" > $HOME/.pip/pip.conf; \
    fi; \
    if [ -n "$SUSE_REPO" ]; then \
      sed -i "s|https://public-dl.suse.com|$SUSE_REPO|g" /etc/zypp/repos.d/*; \
      zypper --no-gpg-checks refresh; \
    fi; \
    source ${NVM_DIR}/nvm.sh \
 && zypper \
      --non-interactive \
        install \
        -l \
        --no-recommends \
          clang7 \
          lapacke-devel \
          libcurl-devel \
          libjpeg62-devel \
          libmariadb-devel \
          libopenblas_pthreads-devel \
          libopenssl-devel \
          llvm7 \
          llvm7-devel \
          postgresql-devel \
          postgresql17-server-devel \
 && cd /opt/cdxgen \
 && corepack enable \
 && corepack pnpm install:prod \
 && corepack pnpm cache delete \
 && mkdir -p ${NODE_COMPILE_CACHE} \
 && node /opt/cdxgen/bin/cdxgen.js --help \
 && rm -rf $HOME/.npmrc $HOME/.pip /root/.cache/node \
 && chmod a-w -R /opt \
 && zypper clean -a \
 && if [ -n "$SUSE_REPO" ]; then \
      sed -i "s|$SUSE_REPO|https://public-dl.suse.com|g" /etc/zypp/repos.d/*; \
    fi

WORKDIR /app

ENTRYPOINT ["node", "/opt/cdxgen/bin/cdxgen.js"]
